CVE-2025-43392
Description
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. A website may exfiltrate image data cross-origin.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.065
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Apple Safari for MAC 26.0 | Mac |
| Multiple vulnerabilities are fixed in macOS Tahoe 26.1 (Software Update) (Auto Reboot)(Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in macOS Tahoe 26.1 (Software Update) (Auto Reboot) | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-612606 | Apple Safari for MAC (MacOS Sequoia) (26.1) |
| PATCH-612609 | macOS Tahoe 26.1 (Software Update) (Auto Reboot) |
| PATCH-613813 | macOS Tahoe 26.3.1 (Software Update) (Auto Reboot) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234